4fc417c24b95b1b7aad338461dc00cc296e8a753e0f6a348ac5eb834fe32374d | Triage

Sharing

General

Target

2024-11-20_8f1bd96d2a24342802d85a5df98fbc21_cryptolocker
Size

32KB
Sample

241120-d34lda1apl
MD5

8f1bd96d2a24342802d85a5df98fbc21
SHA1

2211ab148be2ee86ad735491112dabc2eacefbd6
SHA256

4fc417c24b95b1b7aad338461dc00cc296e8a753e0f6a348ac5eb834fe32374d
SHA512

0c1d7f027a4fe88f9a239e15754f3821a32ef3d0e15f3aec939d6a4e348026d889fa6408777b152496cb1719a53ffed26914138c0654858fb2522f4a97d8db21
SSDEEP

768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjB9iNLF:X6QFElP6n+gJQMOtEvwDpjBY

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-11-20_8f1bd96d2a24342802d85a5df98fbc21_cryptolocker
- Size
  
  32KB
- MD5
  
  8f1bd96d2a24342802d85a5df98fbc21
- SHA1
  
  2211ab148be2ee86ad735491112dabc2eacefbd6
- SHA256
  
  4fc417c24b95b1b7aad338461dc00cc296e8a753e0f6a348ac5eb834fe32374d
- SHA512
  
  0c1d7f027a4fe88f9a239e15754f3821a32ef3d0e15f3aec939d6a4e348026d889fa6408777b152496cb1719a53ffed26914138c0654858fb2522f4a97d8db21
- SSDEEP
  
  768:X6LsoEEeegiZPvEhHSG+gp/QtOOtEvwDpjB9iNLF:X6QFElP6n+gJQMOtEvwDpjBY
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2